<?php

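// Keep PHP diagnostics out of the HTTP response without discarding them.
// error_reporting(0) suppressed every message, so failed queries and undefined
// request parameters in this script left no trace for whoever operates it.
// Whether messages reach a log still depends on the server's log_errors setting.
error_reporting(E_ALL);
ini_set('display_errors', '0');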

include_once('util.php');
include_once('config.php');
include_once('manual_auth_with_sdk.php');

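/**
 * Look up the local user id that belongs to an identity.
 *
 * Queries local_user on the default ext/mysql connection (the callers in this
 * file call connect_db() first) and returns the `id` column of the first row.
 *
 * NOTE(review): $passwd is accepted but never used, so this is a plain lookup
 * and not a credential check. A non-null result does not mean the password
 * was verified.
 *
 * @param string $identity Identity to look up; request-supplied in this file.
 * @param string $passwd   Unused; kept so existing callers keep working.
 * @return mixed The id value of the matching row, or null when the query
 *               fails or no row matches.
 */
function get_user_id($identity, $passwd) {
    // $identity comes straight from $_GET/$_POST, so it is escaped before it is
    // placed inside the quoted SQL literal. ext/mysql has no prepared
    // statements; moving to mysqli/PDO with bound parameters is the durable fix.
    $sql = sprintf(
        'select id from local_user where identity = "%s"',
        mysql_real_escape_string($identity)
    );
    $ret = mysql_query($sql);
    if (!$ret) {
        // Record the failure server-side. The previous code echoed the SQL text
        // and the driver error to the client, and also printed the result
        // handle, which put output in front of the callers' header() redirects.
        error_log('get_user_id: query failed: ' . mysql_error());
        return null;
    }

    $row = mysql_fetch_assoc($ret);
    if (!$row) {
        // No such identity (first-time users reach this branch).
        return null;
    }

    return $row['id'];
}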

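/**
 * Start the authorization flow for a user and redirect to the authorize URL.
 *
 * Steps, all on the default ext/mysql connection opened by connect_db():
 *   1. resolve the user id for $identity (null for a user not yet stored);
 *   2. delete that user's rows from app_auth_token;
 *   3. pick the local_app with the fewest rows in app_auth_token
 *      (the first one wins on a tie);
 *   4. hand that app's token/secret to get_aurl() and send a Location header.
 *
 * NOTE(review): $passwd and the app secret are passed to get_aurl(), and the
 * callback branch of this file reads `passwd` and `app_secret` back from
 * $_GET. That suggests both travel in the callback URL, where they would end
 * up in browser history and in proxy and server logs. Confirm in get_aurl();
 * keeping them in the server-side session is the safer design.
 *
 * @param string $identity Identity supplied by the request.
 * @param string $passwd   Password supplied by the request.
 * @return void
 */
function open_authorize_url($identity, $passwd) {
    connect_db();

    $user_id = get_user_id($identity, $passwd);

    // Clear earlier tokens of a known user. For an unknown user there is
    // nothing to delete; the old code interpolated the empty id into the
    // statement, which only produced a failing query.
    if ($user_id !== null) {
        mysql_query('delete from app_auth_token where user_id = ' . (int) $user_id);
    }

    $ret = mysql_query('select id from local_app');
    if (!$ret) {
        // Log the detail, show the client a generic message only.
        error_log('open_authorize_url: listing local_app failed: ' . mysql_error());
        echo 'failed to load app list';
        return;
    }
    $app_ids = array();
    while ($app_info = mysql_fetch_assoc($ret)) {
        $app_ids[] = $app_info['id'];
    }

    // Choose the app with the fewest issued tokens; strict "<" keeps the
    // first app on a tie, as before.
    $app_id = null;
    $lowest_count = null;
    foreach ($app_ids as $candidate_id) {
        $count_ret = mysql_query(
            'select count(*) from app_auth_token where app_id = ' . (int) $candidate_id
        );
        if (!$count_ret) {
            error_log('open_authorize_url: counting tokens failed: ' . mysql_error());
            continue;
        }
        $count_row = mysql_fetch_row($count_ret);
        $candidate_count = (int) $count_row[0];
        if ($lowest_count === null || $candidate_count < $lowest_count) {
            $lowest_count = $candidate_count;
            $app_id = $candidate_id;
        }
    }

    if ($app_id === null) {
        // No usable app: stop instead of querying and redirecting with
        // undefined values.
        error_log('open_authorize_url: no local_app available');
        echo 'no app available';
        return;
    }

    $ret = mysql_query('select * from local_app where id = ' . (int) $app_id);
    $app_info = $ret ? mysql_fetch_assoc($ret) : false;
    if (!$app_info) {
        error_log('open_authorize_url: loading local_app failed: ' . mysql_error());
        echo 'no app available';
        return;
    }
    $app_key = $app_info['token'];
    $app_secret = $app_info['secret'];

    // relate app info with callback url
    $aurl = get_aurl($app_key, $app_secret, $identity, $passwd, $app_id, $user_id);
    header("Location: $aurl");
}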

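// Entry 1: credentials posted by the form at the bottom of this file.
// isset() guards the lookups; the loose "!= null" test is kept so empty
// strings are still rejected exactly as before.
if (isset($_POST['identity'], $_POST['passwd'])
    and $_POST['identity'] != null and $_POST['passwd'] != null
    and !isset($_GET['oauth_verifier'])) {
    $identity = $_POST['identity'];
    $passwd = $_POST['passwd'];
    open_authorize_url($identity, $passwd);
}

// Entry 2: the same credentials passed in the query string.
// NOTE(review): a password in the URL is recorded in browser history and in
// proxy and web-server access logs. Kept for compatibility; prefer POST only.
if (isset($_GET['identity'], $_GET['passwd'])
    and $_GET['identity'] != null and $_GET['passwd'] != null
    and !isset($_GET['oauth_verifier'])) {
    $identity = $_GET['identity'];
    $passwd = $_GET['passwd'];
    open_authorize_url($identity, $passwd);
}

// Entry 3: OAuth callback. Exchange the verifier for an access token, store
// the user, then hand the result to the CGI script.
// NOTE(review): identity, passwd, app_key, app_secret and app_id are all taken
// from the query string of this request, and nothing here ties them to the
// request that started the flow. Holding them in the server-side session,
// keyed by a random state value, would remove that trust in the URL.
if (isset($_GET['oauth_verifier'])) {
    connect_db();
    $identity = isset($_GET['identity']) ? $_GET['identity'] : null;
    $passwd = isset($_GET['passwd']) ? $_GET['passwd'] : null;
    $app_key = isset($_GET['app_key']) ? $_GET['app_key'] : null;
    $app_secret = isset($_GET['app_secret']) ? $_GET['app_secret'] : null;
    $app_id = isset($_GET['app_id']) ? $_GET['app_id'] : null;
    $oauth_verifier = $_GET['oauth_verifier'];

    session_start();
    $access_token = get_access_token($app_key, $app_secret, $oauth_verifier);

    if (isset($access_token)) {
        if (!isset($access_token['oauth_token']) or !isset($access_token['oauth_token_secret'])) {
            echo 'oauth_token or oauth_token_secret not exist';
            return;
        }
        $oauth_token = $access_token['oauth_token'];
        $oauth_token_secret = $access_token['oauth_token_secret'];

        // insert user to db
        // Both values are request-supplied, so they are escaped before being
        // placed inside the quoted literals. Bound parameters (mysqli/PDO) are
        // the durable fix; ext/mysql does not offer them.
        // NOTE(review): passwd is stored exactly as received, in plaintext.
        $sql = sprintf(
            'insert into local_user(identity, passwd, enabled) values("%1$s", "%2$s", 0) on duplicate key update identity = "%1$s", passwd = "%2$s", enabled = 0',
            mysql_real_escape_string($identity),
            mysql_real_escape_string($passwd)
        );

        sql_or_die($sql);
        $user_id = get_user_id($identity, $passwd);

        // Encode every value so a crafted identity or app_id cannot add or
        // override parameters of the downstream request. The string casts keep
        // empty parameters present, as the interpolated URL did.
        // NOTE(review): the token secret is sent in a query string over plain
        // http; confirm that this hop stays on a trusted network segment.
        $query = http_build_query(array(
            'identity' => (string) $identity,
            'user_id' => (string) $user_id,
            'app_id' => (string) $app_id,
            'oauth_token' => (string) $oauth_token,
            'oauth_token_secret' => (string) $oauth_token_secret,
        ), '', '&');
        header('Location: http://192.168.1.201/cgi/manual_auth.py?' . $query);
    }
    else {
        echo 'failed to get access token';
    }
}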

?>

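<!DOCTYPE html>
<html>
<head>
<title>sina authorize</title>
<script type="text/javascript" src="js/jquery-1.7.1.js"></script>
</head>
<body>
    <center>
    <!-- Credential form: posts identity and passwd to manual_auth.php. -->
    <form method="post" target="_blank" action="manual_auth.php">
        <input type="text" name="identity" placeholder="identity" /><br />
        <input type="password" name="passwd" placeholder="passwd" autocomplete="off" /><br />
        <input type="submit" value="submit" name="submit" />
    </form>
    </center>
</body>
</html>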
